Monday, January 10, 2011

Early Experiences with Hospital Certification

As one of the pilot sites for CCHIT's EHR Alternative Certification for Hospitals (EACH), I promised the industry an overview of my experience.

It's going very well.   Here's what has happened thus far.

1.  Recognizing that security and interoperability are some of the more challenging aspects of certification, we started with the CCHIT ONC-ATCB Certified Security Self Attestation Form to document all the details of the hashing and encryption we use to protect data in transit via the New England Healthcare Exchange Network.

Next, I had my staff prepare samples of all the interoperability messages we send to patients, providers, public health, and CMS.   Specifically, we created

CCD v.2.5 used to fulfill the Discharge summary criterion
HL7 2.51 Reportable lab
HL7 2.51 Syndromic surveillance
HL7 2.51 Immunizations
PQRI XML 2009 for hospital quality measures

We validated them with the HL7 NIST test site

and the HITSP C32 version 2.5 NIST test site.

CCHIT validated the PQRI XML as conforming.

2.  Next, I documented an inventory of all the applications we are using during our Meaningful Use measurement period for Hospital Inpatient and Emergency Department care (Medicare place of Service 21 and 23)

webOMR - our online medical record
CPOE - our inpatient ordering system
ED Dashboard - our emergency department workflow applications
Massachusetts eHealth Collaborative Quality Data Center - our PQRI reporting system
Performance Manager - web-based analytics from our hospital data marts

I assigned each of these applications to the 24 Hospital Meaningful Use Criteria

Drug-drug, drug-allergy interaction checks
Drug-formulary checks
Maintain up-to-date problem list
Maintain active medication list
Maintain active medication allergy list
Record and chart vital signs
Smoking status
Incorporate laboratory test results
Generate patient lists
Medication reconciliation
Submission to immunization registries
Public health surveillance
Patient-specific education resources
Automated measure calculation
Computerized provider order entry
Record demographics
Clinical decision support
Electronic copy of health information
Electronic copy of discharge instructions
Exchange clinical information and patient summary record
Reportable lab results
Advance directives
Calculate and submit clinical quality measures

Once I watched the CCHIT Certification Readiness video I was advanced to Readiness Learning Complete and we could begin preparing for inspection.

3.  I assigned each of the CCHIT Test scripts (easier to use than NIST Test scripts) to my staff to ensure our applications met the certification functional requirements.   They executed each of the scripts twice and timed the effort so that we could report our actual test execution experience to CCHIT.

4.  We scheduled a time for inspection testing - a web-based desktop sharing application session with a CCHIT observer to evaluate our conformance.

5.  In preparation for that testing my staff created test patients with test medications, test problems, test allergies, and test labs.   Also, they practiced their demonstrations to ensure smooth and efficient execution of the test scripts.

Since we're certifying our applications in parallel with measuring our hospital meaningful use performance, we sent training materials to our clinicians reminding them of their responsibilities to use the applications completely and wisely.

Here are my lessons learned thus far:

1.  Take certification very seriously - it's not easy.   I have a staff of very experienced IT professionals and we had to do a great deal of preparation.   This is not a function of the Authtorized Testing and Certification Body you choose, it's a function of the certification requirements and the NIST test scripts.  The staff and educational materials of the ATCB make a huge difference.    In my case, I relied on CCHIT staff to guide me through the process and CCHIT inventory tools/test scripts to make the process as easy as possible.

2.  Interoperability testing is rigorous.    The more tightly constrained the content standards, the more likely they will be interoperable between sender and receiver.

3.  Quality measurement is hard.   There are 15 detailed numerators and denominators with exclusionary criteria to prepare.  CMS requires these to be electronically submitted in PQRI XML, so you must generate a conforming electronic format.

4.  Some of the NIST test scripts require functionality that may not be clinically obvious.   Note that this is purely my own personal opinion as a doctor.   You must demonstrate that super users can change drug/drug and drug/allergy alerting logic.   As a clinician, I cannot think of a reason to change drug/allergy alerting - you are either allergic to a medication or you're not.   There is no alert fatigue from reporting a drug/allergy interaction, no matter how minor.

5.  You must certify all the technology you plan on using for Meaningful Use attestation.   You can only report Meaningful Use data from "Certified EHR technology", hence the reason we are certifying our ED applications, inpatient applications, data warehouses, and analytic tools.

Thus far, the process has great integrity, appropriate rigor, and sufficient specificity.    We're doing it with our existing teams within existing budgets.    Yes, it is creating temporary stress.   However, if we pass certification in the next several weeks, we'll all be very proud.

Also - the ONC Permanent Certification Program was published in the Federal Register last week (Thanks to Robin Raiford for this bookmarked copy).   I'll write about industry reaction to it as soon as I hear more.


Anonymous said...

Thank you Dr. Halamka for sharing this. This is very helpful.
You said each criteria should be achieved using "certified technology". Do you know if there is any mapping available between the meaningful use criteria and the corresponding EHR certification criteria?

John Halamka said...

Yes. The NIST Test Scripts document the relationship between Meaningful Use and Certification criteria

Anonymous said...

We are developing an in house EHR but don't want to build patient portal as this point. We are looking for a certified EHR module (Patient Portal) that would help us meet the the MU criteria "Provide Patients with an Electronic Copy
of their Health Information Upon Request". What module should an EMR module be certified in to help us fulfill this MU criteria using "Certified Technology". Is such a mapping from MU criteria to the required module available somewhere.

LCS said...

Did CCHIT allow you to verify your XML for quality measures ahead of time? How can this be done prior to the testing date?